Artificial Intelligence & Machine Learning, Next-Generation Technologies & Secure Development AP2 Protocol Introduces ‘Mandates’ to Ensure Accountability in Agent-Led Transactions Rashmi Ramesh (rashmiramesh_) • September 17, 2025 Image: Shutterstock/ISMG In an innovative move, Google has unveiled a new “agent payments protocol,” enabling artificial intelligence to facilitate consumer shopping while ensuring…
A 26-year-old Ukrainian national has been indicted in the United States for allegedly participating in the Raccoon Stealer malware-as-a-service operation, widely recognized within cybersecurity spheres for its potential to facilitate extensive data theft. Mark Sokolovsky was taken into custody by Dutch authorities shortly after departing Ukraine on March 4, 2022,…
On Wednesday, the U.S. Department of Justice (DoJ) announced the seizure of 48 domains linked to the facilitation of distributed denial-of-service (DDoS) attacks. These domains provided a platform for malicious actors to launch attacks, thereby diminishing the barriers to entry for cybercriminal activities. In connection with this crackdown, six individuals…
Cybercrime, Fraud Management & Cybercrime Vastaamo Hacker Aleksanteri Kivimäki Released While Awaiting Appeal Akshaya Asokan (asokan_akshaya) • September 12, 2025 Aleksanteri Kivimäki in a Finnish courtroom on February 28, 2023 A Helsinki court has ordered the release of one of Finland’s most infamous hackers, Aleksanteri Tomminpoika Kivimäki, pending the outcome…
Blockchain & Cryptocurrency, Cryptocurrency Fraud, Fraud Management & Cybercrime In Focus: Cybercriminals Utilize Ethereum Smart Contracts to Conceal Malicious npm Code Rashmi Ramesh (rashmiramesh_) • September 11, 2025 Image: Shutterstock In a weekly summary by Information Security Media Group, notable cybersecurity events have emerged including a $41 million hack of…
Relevant topics include Third Party Risk Management, Cryptocurrency Fraud, and Fraud Management & Cybercrime. Developer Compromised by Phishing Attack Involving a Malicious Email Authored by Akshaya Asokan (asokan_akshaya), David Perera (@daveperera) • September 9, 2025 Image: Shutterstock An attacker compromised 18 widely-used npm packages by embedding cryptocurrency theft malware after…
A recent surge in malicious email campaigns has been traced back to a North Korean state-sponsored group known for its history of cryptocurrency heists. This latest wave of activity, identified as a significant shift in tactics, involves aggressive credential harvesting targeting multiple sectors including education, government, and healthcare, in addition…
Hackers have executed a significant supply-chain attack by embedding malicious code into a variety of open-source software packages, impacting more than 2 billion weekly updates. This incident, which has been characterized as possibly the largest of its kind to date, compromised nearly two dozen packages hosted on the npm repository,…
April 4, 2023
Cryptocurrency / Cyber Attack
A sophisticated supply chain attack on 3CX has led to a second-stage implant specifically targeting a select number of cryptocurrency firms. Kaspersky, a Russian cybersecurity company, has been monitoring this adaptable backdoor, known as Gopuram, since 2020. They noted a surge in infections coinciding with the March 2023 3CX breach. Gopuram’s main purpose is to connect to a command-and-control (C2) server, enabling attackers to interact with the victim’s file system, initiate processes, and execute up to eight in-memory modules. The malware has ties to North Korea, as it has been found on victim machines alongside AppleJeus, another backdoor linked to the Korean-speaking Lazarus group, which previously targeted a cryptocurrency company in Southeast Asia in 2020. This recent focus on cryptocurrency firms underscores a troubling trend.
Cryptocurrency Firms Targeted in Advanced 3CX Supply Chain Attack On April 4, 2023, cybersecurity reports emerged detailing a sophisticated supply chain attack targeting the 3CX communication software, with a specific focus on a select group of cryptocurrency companies. The cyber threat actors employed a second-stage implant, which has been internally…
April 4, 2023
Cryptocurrency / Cyber Attack
A sophisticated supply chain attack on 3CX has led to a second-stage implant specifically targeting a select number of cryptocurrency firms. Kaspersky, a Russian cybersecurity company, has been monitoring this adaptable backdoor, known as Gopuram, since 2020. They noted a surge in infections coinciding with the March 2023 3CX breach. Gopuram’s main purpose is to connect to a command-and-control (C2) server, enabling attackers to interact with the victim’s file system, initiate processes, and execute up to eight in-memory modules. The malware has ties to North Korea, as it has been found on victim machines alongside AppleJeus, another backdoor linked to the Korean-speaking Lazarus group, which previously targeted a cryptocurrency company in Southeast Asia in 2020. This recent focus on cryptocurrency firms underscores a troubling trend.
